From 2942dfb00db1757928da402b6d2c5915c6ceb4b8 Mon Sep 17 00:00:00 2001
From: adam <adam@pkgsrc.org>
Date: Wed, 2 Jul 2014 09:53:16 +0000
Subject: Changes 2.7.8: The openssl version bundled in the Windows installer
 has been updated. A regression in the mimetypes module on Windows has been
 fixed. A possible overflow in the buffer type has been fixed. A bug in the
 CGIHTTPServer module which allows arbitrary execution of code in the server
 root has been patched. A regression in the handling of UNC paths in
 os.path.join has been fixed

---
 lang/python27/Makefile                             |  3 +-
 lang/python27/PLIST.common                         | 32 ++++++++++++++++-----
 lang/python27/dist.mk                              |  4 +--
 lang/python27/distinfo                             | 14 ++++-----
 lang/python27/patches/patch-Include_pyport.h       |  3 +-
 lang/python27/patches/patch-Lib_CGIHTTPServer.py   | 16 -----------
 .../patches/patch-Lib_test_test__httpservers.py    | 19 -------------
 lang/python27/patches/patch-al                     | 33 ++++++++++++----------
 8 files changed, 54 insertions(+), 70 deletions(-)
 delete mode 100644 lang/python27/patches/patch-Lib_CGIHTTPServer.py
 delete mode 100644 lang/python27/patches/patch-Lib_test_test__httpservers.py

(limited to 'lang/python27')

diff --git a/lang/python27/Makefile b/lang/python27/Makefile
index 76e56cf03b4..c65e53eeb33 100644
--- a/lang/python27/Makefile
+++ b/lang/python27/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.43 2014/06/11 05:55:58 richard Exp $
+# $NetBSD: Makefile,v 1.44 2014/07/02 09:53:16 adam Exp $
 
 .include "dist.mk"
 
 PKGNAME=	python27-${PY_DISTVERSION}
-PKGREVISION=	2
 CATEGORIES=	lang python
 
 MAINTAINER=	pkgsrc-users@NetBSD.org
diff --git a/lang/python27/PLIST.common b/lang/python27/PLIST.common
index f18e963d505..2d79f5c5c6a 100644
--- a/lang/python27/PLIST.common
+++ b/lang/python27/PLIST.common
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST.common,v 1.10 2014/06/02 06:12:03 adam Exp $
+@comment $NetBSD: PLIST.common,v 1.11 2014/07/02 09:53:16 adam Exp $
 bin/2to3-${PY_VER_SUFFIX}
 bin/pydoc${PY_VER_SUFFIX}
 bin/python${PY_VER_SUFFIX}
@@ -479,9 +479,6 @@ lib/python${PY_VER_SUFFIX}/ctypes/test/test_checkretval.pyo
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_delattr.py
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_delattr.pyc
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_delattr.pyo
-lib/python${PY_VER_SUFFIX}/ctypes/test/test_errcheck.py
-lib/python${PY_VER_SUFFIX}/ctypes/test/test_errcheck.pyc
-lib/python${PY_VER_SUFFIX}/ctypes/test/test_errcheck.pyo
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_errno.py
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_errno.pyc
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_errno.pyo
@@ -503,9 +500,6 @@ lib/python${PY_VER_SUFFIX}/ctypes/test/test_incomplete.pyo
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_init.py
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_init.pyc
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_init.pyo
-lib/python${PY_VER_SUFFIX}/ctypes/test/test_integers.py
-lib/python${PY_VER_SUFFIX}/ctypes/test/test_integers.pyc
-lib/python${PY_VER_SUFFIX}/ctypes/test/test_integers.pyo
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_internals.py
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_internals.pyc
 lib/python${PY_VER_SUFFIX}/ctypes/test/test_internals.pyo
@@ -1703,6 +1697,12 @@ lib/python${PY_VER_SUFFIX}/idlelib/idle_test/mock_idle.pyo
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/mock_tk.py
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/mock_tk.pyc
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/mock_tk.pyo
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_autocomplete.py
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_autocomplete.pyc
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_autocomplete.pyo
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_autoexpand.py
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_autoexpand.pyc
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_autoexpand.pyo
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_calltips.py
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_calltips.pyc
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_calltips.pyo
@@ -1718,9 +1718,15 @@ lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_formatparagraph.pyo
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_grep.py
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_grep.pyc
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_grep.pyo
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_hyperparser.py
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_hyperparser.pyc
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_hyperparser.pyo
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_idlehistory.py
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_idlehistory.pyc
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_idlehistory.pyo
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_parenmatch.py
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_parenmatch.pyc
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_parenmatch.pyo
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_pathbrowser.py
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_pathbrowser.pyc
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_pathbrowser.pyo
@@ -1733,6 +1739,9 @@ lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_searchengine.pyo
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_text.py
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_text.pyc
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_text.pyo
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_textview.py
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_textview.pyc
+lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_textview.pyo
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_warning.py
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_warning.pyc
 lib/python${PY_VER_SUFFIX}/idlelib/idle_test/test_warning.pyo
@@ -1948,6 +1957,12 @@ lib/python${PY_VER_SUFFIX}/lib-tk/test/runtktests.pyo
 lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/__init__.py
 lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/__init__.pyc
 lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/__init__.pyo
+lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_geometry_managers.py
+lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_geometry_managers.pyc
+lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_geometry_managers.pyo
+lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_images.py
+lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_images.pyc
+lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_images.pyo
 lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_loadtk.py
 lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_loadtk.pyc
 lib/python${PY_VER_SUFFIX}/lib-tk/test/test_tkinter/test_loadtk.pyo
@@ -3900,6 +3915,9 @@ lib/python${PY_VER_SUFFIX}/test/test_softspace.pyo
 lib/python${PY_VER_SUFFIX}/test/test_sort.py
 lib/python${PY_VER_SUFFIX}/test/test_sort.pyc
 lib/python${PY_VER_SUFFIX}/test/test_sort.pyo
+lib/python${PY_VER_SUFFIX}/test/test_spwd.py
+lib/python${PY_VER_SUFFIX}/test/test_spwd.pyc
+lib/python${PY_VER_SUFFIX}/test/test_spwd.pyo
 lib/python${PY_VER_SUFFIX}/test/test_sqlite.py
 lib/python${PY_VER_SUFFIX}/test/test_sqlite.pyc
 lib/python${PY_VER_SUFFIX}/test/test_sqlite.pyo
diff --git a/lang/python27/dist.mk b/lang/python27/dist.mk
index aae659f9a1c..b7b29450df5 100644
--- a/lang/python27/dist.mk
+++ b/lang/python27/dist.mk
@@ -1,6 +1,6 @@
-# $NetBSD: dist.mk,v 1.7 2014/06/02 06:12:03 adam Exp $
+# $NetBSD: dist.mk,v 1.8 2014/07/02 09:53:16 adam Exp $
 
-PY_DISTVERSION=	2.7.7
+PY_DISTVERSION=	2.7.8
 DISTNAME=	Python-${PY_DISTVERSION}
 EXTRACT_SUFX=	.tar.xz
 DISTINFO_FILE=	${.CURDIR}/../../lang/python27/distinfo
diff --git a/lang/python27/distinfo b/lang/python27/distinfo
index 8fee3aa256b..b8956b0743c 100644
--- a/lang/python27/distinfo
+++ b/lang/python27/distinfo
@@ -1,16 +1,14 @@
-$NetBSD: distinfo,v 1.43 2014/07/02 08:22:02 he Exp $
+$NetBSD: distinfo,v 1.44 2014/07/02 09:53:16 adam Exp $
 
-SHA1 (Python-2.7.7.tar.xz) = 5f82557cac5abf18d1df6f8bb2029aa335b321f4
-RMD160 (Python-2.7.7.tar.xz) = 988da9490e8d66a2456accdce5dbe9ba875d5a18
-Size (Python-2.7.7.tar.xz) = 10496500 bytes
+SHA1 (Python-2.7.8.tar.xz) = 9c6281eeace0c3646fa556c8087bb1b7e033c9c4
+RMD160 (Python-2.7.8.tar.xz) = 04d7d55ea65074a9b419e5d0920414e54691d907
+Size (Python-2.7.8.tar.xz) = 10525244 bytes
 SHA1 (patch-Include_node.h) = 673d148b625711ac47e4bfeb0f5b0d5b31f94d7e
 SHA1 (patch-Include_pyerrors.h) = 3eba043c83b1d1df4918524f7b53047a6ed372ae
-SHA1 (patch-Include_pyport.h) = 3f21c910cf7f002184d2b054a1a362e4a98a218f
-SHA1 (patch-Lib_CGIHTTPServer.py) = 533ab07f23b5bcbb13c9bc8e49b056f0a95768a4
+SHA1 (patch-Include_pyport.h) = 971c7c548b92595712d0d70a0917a0ccc83b6c7e
 SHA1 (patch-Lib_distutils_unixccompiler.py) = 39b967dc2ae648143d5841f22602a21063b4d5ea
 SHA1 (patch-Lib_poplib.py) = 5d7f64b028abd2fd43651f27a7f2ce7efe5b0859
 SHA1 (patch-Lib_smtplib.py) = f1118bbc53b4e292eb9a28ef3ef10eb4aa553bc3
-SHA1 (patch-Lib_test_test__httpservers.py) = b3c85c74bdd42b736882a92f807392abf3bb4fbd
 SHA1 (patch-Lib_test_test__poplib.py) = 1bdef76b687d042272e35c08521d4244d2c7fbe1
 SHA1 (patch-Lib_test_test_smtplib.py) = 9e8a7f826c7d0f493746718b49fc27ac97c2cbb1
 SHA1 (patch-Misc_NEWS) = c9171e10227567750db8e11881aca305cd8c3a42
@@ -21,7 +19,7 @@ SHA1 (patch-ab) = 0d0ae9802dfe3b85659adb16793affd8c4ffce43
 SHA1 (patch-ad) = de730b9f5a5efb56afa8bed05824b5f6579242ec
 SHA1 (patch-ae) = ff6d8c6164fe3c6dc4fb33d88eb8a49d5c5442f6
 SHA1 (patch-ah) = ae3ce0656d890ca34292920bf0185f94ba847139
-SHA1 (patch-al) = cd73fa968177a6e99737f2f6b095c1cb2da1b8b0
+SHA1 (patch-al) = d07699c6987da69fca911a15ab8011a82e43143d
 SHA1 (patch-am) = 366ce0b130cc9b6d6c5354769da05bb4b5845e01
 SHA1 (patch-an) = 6098fbf0fc31422196cc40d3a227934523db11ca
 SHA1 (patch-ao) = 3a1cd2b255340fd23fc1fce8680e692581ffcec1
diff --git a/lang/python27/patches/patch-Include_pyport.h b/lang/python27/patches/patch-Include_pyport.h
index 10e5e50a2e2..81bd910777f 100644
--- a/lang/python27/patches/patch-Include_pyport.h
+++ b/lang/python27/patches/patch-Include_pyport.h
@@ -1,4 +1,5 @@
-$NetBSD: patch-Include_pyport.h,v 1.1 2014/06/11 05:55:58 richard Exp $
+$NetBSD: patch-Include_pyport.h,v 1.2 2014/07/02 09:53:16 adam Exp $
+
 SunOS defines gethostname in <unistd.h>
 http://bugs.python.org/issue19561
 
diff --git a/lang/python27/patches/patch-Lib_CGIHTTPServer.py b/lang/python27/patches/patch-Lib_CGIHTTPServer.py
deleted file mode 100644
index ba26695ea1b..00000000000
--- a/lang/python27/patches/patch-Lib_CGIHTTPServer.py
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-Lib_CGIHTTPServer.py,v 1.1 2014/07/02 08:22:02 he Exp $
-
-Fix for directory-traversal vulnerability, ref.
-http://bugs.python.org/issue21766
-
---- Lib/CGIHTTPServer.py.orig	2014-06-09 11:29:36.000000000 +0000
-+++ Lib/CGIHTTPServer.py
-@@ -84,7 +84,7 @@ class CGIHTTPRequestHandler(SimpleHTTPSe
-         path begins with one of the strings in self.cgi_directories
-         (and the next character is a '/' or the end of the string).
-         """
--        collapsed_path = _url_collapse_path(self.path)
-+        collapsed_path = _url_collapse_path(urllib.unquote(self.path))
-         dir_sep = collapsed_path.find('/', 1)
-         head, tail = collapsed_path[:dir_sep], collapsed_path[dir_sep+1:]
-         if head in self.cgi_directories:
diff --git a/lang/python27/patches/patch-Lib_test_test__httpservers.py b/lang/python27/patches/patch-Lib_test_test__httpservers.py
deleted file mode 100644
index 125ba711de0..00000000000
--- a/lang/python27/patches/patch-Lib_test_test__httpservers.py
+++ /dev/null
@@ -1,19 +0,0 @@
-$NetBSD: patch-Lib_test_test__httpservers.py,v 1.1 2014/07/02 08:22:02 he Exp $
-
-Test case for directory traversal vulnerability, ref.
-http://bugs.python.org/issue21766
-
---- Lib/test/test_httpservers.py.orig	2014-06-09 11:29:38.000000000 +0000
-+++ Lib/test/test_httpservers.py
-@@ -510,6 +510,11 @@ class CGIHTTPServerTestCase(BaseTestCase
-                 (res.read(), res.getheader('Content-type'), res.status))
-         self.assertEqual(os.environ['SERVER_SOFTWARE'], signature)
- 
-+    def test_urlquote_decoding_in_cgi_check(self):
-+       	res = self.request('/cgi-bin%2ffile1.py')
-+        self.assertEqual((b'Hello World\n', 'text/html', 200),
-+                (res.read(), res.getheader('Content-type'), res.status))
-+
- 
- class SimpleHTTPRequestHandlerTestCase(unittest.TestCase):
-     """ Test url parsing """
diff --git a/lang/python27/patches/patch-al b/lang/python27/patches/patch-al
index 8f00e3bab6a..699d40494b6 100644
--- a/lang/python27/patches/patch-al
+++ b/lang/python27/patches/patch-al
@@ -1,4 +1,4 @@
-$NetBSD: patch-al,v 1.12 2014/06/02 06:12:03 adam Exp $
+$NetBSD: patch-al,v 1.13 2014/07/02 09:53:16 adam Exp $
 
 - recognize MirBSD, Interix
 - remove special-case library version hack for FreeBSD
@@ -6,7 +6,7 @@ $NetBSD: patch-al,v 1.12 2014/06/02 06:12:03 adam Exp $
 - honor pkgsrc LDFLAGS
 - other stuff not previously commented (XXX)
 
---- configure.orig	2014-05-31 18:58:40.000000000 +0000
+--- configure.orig	2014-06-30 02:05:48.000000000 +0000
 +++ configure
 @@ -3252,7 +3252,7 @@ case $ac_sys_system/$ac_sys_release in
    # Reconfirmed for OpenBSD 3.3 by Zachary Hamm, for 3.4 by Jason Ish.
@@ -34,16 +34,17 @@ $NetBSD: patch-al,v 1.12 2014/06/02 06:12:03 adam Exp $
  	  INSTSONAME="$LDLIBRARY".$SOVERSION
  	  ;;
      hp*|HP*)
-@@ -6046,7 +6041,7 @@ $as_echo "$CC" >&6; }
- 	    # Calculate the right deployment target for this build.
- 	    #
- 	    cur_target=`sw_vers -productVersion | sed 's/\(10\.[0-9]*\).*/\1/'`
--	    if test ${cur_target} '>' 10.2; then
-+	    if false; then
+@@ -6050,8 +6045,7 @@ $as_echo "$CC" >&6; }
+ 		cur_target_minor=`sw_vers -productVersion | \
+ 				sed 's/\([0-9]*\)\.\([0-9]*\).*/\2/'`
+ 		cur_target="${cur_target_major}.${cur_target_minor}"
+-		if test ${cur_target_major} -eq 10 && \
+-		   test ${cur_target_minor} -ge 3
++		if false
+ 		then
  		    cur_target=10.3
  		    if test ${enable_universalsdk}; then
- 			    if test "${UNIVERSAL_ARCHS}" = "all"; then
-@@ -8203,9 +8198,9 @@ then
+@@ -8209,9 +8203,9 @@ then
  			LDCXXSHARED="$LDCXXSHARED "'$(PYTHONFRAMEWORKPREFIX)/$(PYTHONFRAMEWORKDIR)/Versions/$(VERSION)/$(PYTHONFRAMEWORK)'
  		else
  			# No framework, use the Python app as bundle-loader
@@ -56,7 +57,7 @@ $NetBSD: patch-al,v 1.12 2014/06/02 06:12:03 adam Exp $
  		fi ;;
  	Darwin/*)
  		# Use -undefined dynamic_lookup whenever possible (10.3 and later).
-@@ -8229,15 +8224,15 @@ then
+@@ -8234,9 +8228,9 @@ then
  				LDCXXSHARED="$LDCXXSHARED "'$(PYTHONFRAMEWORKPREFIX)/$(PYTHONFRAMEWORKDIR)/Versions/$(VERSION)/$(PYTHONFRAMEWORK)'
  			else
  				# No framework, use the Python app as bundle-loader
@@ -67,7 +68,9 @@ $NetBSD: patch-al,v 1.12 2014/06/02 06:12:03 adam Exp $
 +				LDSHARED="$LDSHARED "'-flat_namespace -undefined suppress -bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
 +				LDCXXSHARED="$LDCXXSHARED "'-flat_namespace -undefined suppress -bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
  			fi
- 		fi
+ 		else
+ 			# building for OS X 10.3 and later
+@@ -8250,7 +8244,7 @@ then
  		;;
  	Linux*|GNU*|QNX*)
  		LDSHARED='$(CC) -shared'
@@ -76,7 +79,7 @@ $NetBSD: patch-al,v 1.12 2014/06/02 06:12:03 adam Exp $
  	BSD/OS*/4*)
  		LDSHARED="gcc -shared"
  		LDCXXSHARED="g++ -shared";;
-@@ -8265,9 +8260,15 @@ then
+@@ -8278,9 +8272,15 @@ then
  				   ;;
  				esac
  		fi;;
@@ -92,7 +95,7 @@ $NetBSD: patch-al,v 1.12 2014/06/02 06:12:03 adam Exp $
  	OpenUNIX*|UnixWare*)
  		if test "$GCC" = "yes" ; then
  			LDSHARED='$(CC) -shared'
-@@ -8311,7 +8312,8 @@ then
+@@ -8324,7 +8324,8 @@ then
  		 fi;;
  	Linux*|GNU*) CCSHARED="-fPIC";;
  	BSD/OS*/4*) CCSHARED="-fpic";;
@@ -102,7 +105,7 @@ $NetBSD: patch-al,v 1.12 2014/06/02 06:12:03 adam Exp $
  	OpenUNIX*|UnixWare*)
  		if test "$GCC" = "yes"
  		then CCSHARED="-fPIC"
-@@ -8363,11 +8365,12 @@ then
+@@ -8376,11 +8377,12 @@ then
  	OpenUNIX*|UnixWare*) LINKFORSHARED="-Wl,-Bexport";;
  	SCO_SV*) LINKFORSHARED="-Wl,-Bexport";;
  	ReliantUNIX*) LINKFORSHARED="-W1 -Blargedynsym";;
-- 
cgit v1.2.3